The HHS office for Civil Rights also known as OCR, in its attempt to tighten HIPAA privacy regulations has detailed out six new ways to deal with reports related to the breaches in patient health information.
The OCR aims to obtain HIPAA compliance from Covered Entity and Business Associate by implementing new rules. This is a part of its strategy to infuse customer confidence to provide their health information to the electronic patient health information system. This will allow the health administration to easily create and manage efficiently an online national health care system, which will provide better health-care services of, clinical and non-clinical type, to the patients.
OCR now has to its disposal, computer system which makes it easy for complainant to lodge online complains against breach in privacy of their health information. OCR is empowered to deal the breach in following ways.
- Post information online and in Public media of any breaches involving at least 500 individuals.
- Directly report to Congress about the number and type of reported breaches, and the action taken.
- Disclose data with purpose to provide technical assistance, training and guidance needed to ensure HIPAA compliance.
- Share information with other federal agencies and contractors so that they can effectively respond and investigate the breaches.
- Disclose information to third parties in order to assist them in their investigation of the reported breaches and conduct compliance reviews.
- Publicly report the results of investigations and compliance reviews and thus provide complete transparency to process.
The OCR is bound to disclose the minimum health data, which is necessary to investigate the breach and should protect the privacy of the individual or groups in the course of investigation.The office has authority, to impose heavy civil fines up to $1.5 million per violation. This should be an eye opener for the health service providers, especially Business Associates, who have not yet achieved HIPAA compliance.
OCR protects patient health information by reporting breaches and punishing violators.
Read more on HIPAA compliance at, http://www.empowerbpo.com